VDOO releases runtime protection agent for connected devices

VDOO released its ERA – Embedded Runtime Agent for ongoing connected device security. The VDOO agent is tailored for each device based on an analysis of its firmware binary by Vision – VDOO’s analysis platform, focusing on the device’s threat landscape and resources, while avoiding any performance or functionality impact to the device.

“While the VDOO analysis solution, Vision, provides the ultimate tools to properly implement security building blocks and mitigate threats on connected devices, attack methods always evolve and one must have evolving countermeasures that can deal with the unknown. For that we offer ERA, the first and only runtime security solution for IoT that takes in account each devices’ specific attributes and threat landscape,” said Netanel Davidi, co-founder and co-CEO at VDOO.

Based on VDOO’s analysis of more than 4,000 IoT device firmware binaries, 98% of firmware files contain at least one vulnerability that scored higher than 7.0 (High) on the Common Vulnerability Scoring System (CVSSv3) scale. This level of vulnerability is typically reserved for items with exploits which can be executed with minor or no authentication, either locally or remotely. In addition, in the past year, IoT makers have been able to address and mitigate more than 120 zero-day vulnerabilities using VDOO’s Vision analysis platform.

VDOO’s Embedded Runtime Agent (ERA)

The VDOO ERA was created with the specific challenges of IoT devices in mind and as such:

• Is the on-device software that is tailored for each specific device,
• Operates with minimal CPU, storage and memory overheads,
• Provides a range of protection types against known and unknown vulnerabilities,
• Enables the user to choose between a detect or block operation mode.

In addition to on-device runtime protection, the VDOO ERA is able to communicate with other network elements for enhanced network security. VDOO works with security vendors to enable communication with network-based security solutions such as Network Access Control (NAC), Firewalls, Security Information and Event Management (SIEM) software, and IoT gateways.

VDOO’s end-to-end solution

VDOO’s end-to-end platform facilitates security and trust for IoT devices throughout the entire device lifecycle in a cost and effort efficient manner — from security analysis to implementation, certification and post-deployment security enablement.

The VDOO Vision Analysis Platform is a web-based service that performs analysis of a device’s firmware and determines its security gaps and requirements. Following the device’s analysis, the VDOO platform offers guidance for vendors to implement the identified requirements. Once security features have been implemented, the platform validates this, and provides a physical and digital certification to communicate the device’s security standing to the world.

Completing the end-to-end solution are the VDOO Embedded Runtime Agent (ERA) and Honeypot (Quicksand). The released agent provides post-deployment detection, prevention, and mitigation capabilities against zero-days, known attack methods, and embedded devices’ malware. VDOO’s IoT honeypot works on a physical device or via emulation, providing intelligence to prepare mitigations, predict future attacks, and reveal new vulnerabilities.

Each component of the VDOO solution is available now.

The VDOO Certified Security Engineer (VCSE) program

To complement its product offerings, VDOO has launched the VDOO Certified Security Engineer (VCSE) program to share its knowledge and research across the IoT industry.

The VCSE program is a training that provides insight into how to integrate security into the development of IoT devices. By taking part in sessions on threats, security implementation and testing methodologies, including hands-on lab experience, attendees will gain the fundamental security knowledge necessary to develop secure IoT devices.